Bump mlflow from 1.30.1 to 2.14.2 #20
Wiz Vulnerability Scanner
Exposing Vulnerabilities with Wiz
Vulnerabilities Detected: 49
Annotations
Check failure on line 1 in poetry.lock
wiz-inc-a28a8b7b4c / Wiz Vulnerability Scanner
scikit-learn:1.0.2
Detected Vulnerabilities:
CVE-2020-28975, Severity: High, Source: https://nvd.nist.gov/vuln/detail/CVE-2020-28975
CVSS score: 7.5, CVSS exploitability score: 3.9
🩹 Fixed version: 1.1.0-rc1
💥 Has public exploit
🧨 Has CISA KEV exploit
CVE-2024-5206, Severity: Medium, Source: https://github.com/advisories/GHSA-jw8x-6495-233v
🩹 Fixed version: 1.5.0
💥 Has public exploit
🧨 Has CISA KEV exploit
Check failure on line 1 in poetry.lock
wiz-inc-a28a8b7b4c / Wiz Vulnerability Scanner
keras:2.12.0
Detected Vulnerabilities:
CVE-2024-3660, Severity: Critical, Source: https://github.com/advisories/GHSA-x4wf-678h-2pmq
🩹 Fixed version: 2.13.1-rc0
💥 Has public exploit
🧨 Has CISA KEV exploit
Check failure on line 1 in poetry.lock
wiz-inc-a28a8b7b4c / Wiz Vulnerability Scanner
tensorflow:2.12.0
Detected Vulnerabilities:
CVE-2023-33976, Severity: High, Source: https://github.com/advisories/GHSA-gjh7-xx4r-x345
🩹 Fixed version: 2.12.1
💥 Has public exploit
🧨 Has CISA KEV exploit
Check failure on line 1 in poetry.lock
wiz-inc-a28a8b7b4c / Wiz Vulnerability Scanner
tensorflow-macos:2.12.0
Detected Vulnerabilities:
CVE-2023-33976, Severity: High, Source: https://nvd.nist.gov/vuln/detail/CVE-2023-33976
🩹 Fixed version: 2.12.1
💥 Has public exploit
🧨 Has CISA KEV exploit
Check failure on line 1 in poetry.lock
wiz-inc-a28a8b7b4c / Wiz Vulnerability Scanner
gitpython:3.1.32
Detected Vulnerabilities:
CVE-2023-40590, Severity: High, Source: https://github.com/advisories/GHSA-wfm5-v35h-vwf4
CVSS score: 7.8, CVSS exploitability score: 1.8
🩹 Fixed version: 3.1.33
💥 Has public exploit
🧨 Has CISA KEV exploit
CVE-2023-41040, Severity: Medium, Source: https://github.com/advisories/GHSA-cwvm-v4w8-q58c
CVSS score: 6.5, CVSS exploitability score: 3.9
🩹 Fixed version: 3.1.37
💥 Has public exploit
🧨 Has CISA KEV exploit
CVE-2024-22190, Severity: High, Source: https://github.com/advisories/GHSA-2mqj-m65w-jghx
CVSS score: 7.8, CVSS exploitability score: 1.8
🩹 Fixed version: 3.1.41
💥 Has public exploit
🧨 Has CISA KEV exploit
Check failure on line 1 in poetry.lock
wiz-inc-a28a8b7b4c / Wiz Vulnerability Scanner
transformers:4.30.2
Detected Vulnerabilities:
CVE-2024-3568, Severity: Low, Source: https://github.com/advisories/GHSA-37q5-v5qm-c9v8
🩹 Fixed version: 4.38.0
💥 Has public exploit
🧨 Has CISA KEV exploit
CVE-2023-49082, Severity: Medium, Source: https://nvd.nist.gov/vuln/detail/CVE-2023-49082
CVSS score: 5.3, CVSS exploitability score: 3.9
🩹 Fixed version: 4.41.0
💥 Has public exploit
🧨 Has CISA KEV exploit
CVE-2024-21503, Severity: Medium, Source: https://nvd.nist.gov/vuln/detail/CVE-2024-21503
🩹 Fixed version: 4.41.0
💥 Has public exploit
🧨 Has CISA KEV exploit
CVE-2023-6730, Severity: Critical, Source: https://github.com/advisories/GHSA-3863-2447-669p
CVSS score: 8.8, CVSS exploitability score: 2.8
🩹 Fixed version: 4.36.0
💥 Has public exploit
🧨 Has CISA KEV exploit
CVE-2023-7018, Severity: High, Source: https://github.com/advisories/GHSA-v68g-wm8c-6x7j
CVSS score: 7.8, CVSS exploitability score: 1.8
🩹 Fixed version: 4.36.0
💥 Has public exploit
🧨 Has CISA KEV exploit
Check failure on line 1 in poetry.lock
wiz-inc-a28a8b7b4c / Wiz Vulnerability Scanner
werkzeug:2.3.6
Detected Vulnerabilities:
CVE-2024-34069, Severity: High, Source: https://github.com/advisories/GHSA-2g68-c3qc-8985
🩹 Fixed version: 3.0.3
💥 Has public exploit
🧨 Has CISA KEV exploit
CVE-2023-46136, Severity: Medium, Source: https://github.com/advisories/GHSA-hrfv-mqp8-q5rw
CVSS score: 7.5, CVSS exploitability score: 3.9
🩹 Fixed version: 2.3.8
💥 Has public exploit
🧨 Has CISA KEV exploit
Check failure on line 1 in poetry.lock
wiz-inc-a28a8b7b4c / Wiz Vulnerability Scanner
sqlparse:0.4.4
Detected Vulnerabilities:
CVE-2024-4340, Severity: High, Source: https://github.com/advisories/GHSA-2m57-hf25-phgg
🩹 Fixed version: 0.5.0
💥 Has public exploit
🧨 Has CISA KEV exploit
Check failure on line 1 in poetry.lock
wiz-inc-a28a8b7b4c / Wiz Vulnerability Scanner
torch:1.13.1
Detected Vulnerabilities:
CVE-2024-31580, Severity: High, Source: https://github.com/advisories/GHSA-5pcm-hx3q-hm94
🩹 Fixed version: 2.2.0
💥 Has public exploit
🧨 Has CISA KEV exploit
CVE-2024-31583, Severity: High, Source: https://github.com/advisories/GHSA-pg7h-5qx3-wjr3
🩹 Fixed version: 2.2.0
💥 Has public exploit
🧨 Has CISA KEV exploit
CVE-2024-5480, Severity: Critical, Source: https://nvd.nist.gov/vuln/detail/CVE-2024-5480
💥 Has public exploit
🧨 Has CISA KEV exploit
Check failure on line 1 in poetry.lock
wiz-inc-a28a8b7b4c / Wiz Vulnerability Scanner
gunicorn:20.1.0
Detected Vulnerabilities:
CVE-2024-1135, Severity: High, Source: https://github.com/advisories/GHSA-w3h3-4rj7-4ph4
🩹 Fixed version: 22.0.0
💥 Has public exploit
🧨 Has CISA KEV exploit
Check failure on line 1 in poetry.lock
wiz-inc-a28a8b7b4c / Wiz Vulnerability Scanner
setuptools:68.0.0
Detected Vulnerabilities:
CVE-2024-6345, Severity: High, Source: https://github.com/advisories/GHSA-cx63-2mw6-8hw5
🩹 Fixed version: 70.0.0
💥 Has public exploit
🧨 Has CISA KEV exploit
Check failure on line 1 in poetry.lock
wiz-inc-a28a8b7b4c / Wiz Vulnerability Scanner
fastapi:0.95.2
Detected Vulnerabilities:
CVE-2024-24762, Severity: High, Source: https://github.com/advisories/GHSA-2jv5-9r88-3w3p
CVSS score: 7.5, CVSS exploitability score: 3.9
🩹 Fixed version: 0.109.1
💥 Has public exploit
🧨 Has CISA KEV exploit
Check failure on line 1 in poetry.lock
wiz-inc-a28a8b7b4c / Wiz Vulnerability Scanner
certifi:2023.5.7
Detected Vulnerabilities:
CVE-2023-37920, Severity: High, Source: https://github.com/advisories/GHSA-xqr8-7jwr-rhp7
CVSS score: 9.8, CVSS exploitability score: 3.9
🩹 Fixed version: 2023.7.22
💥 Has public exploit
🧨 Has CISA KEV exploit
CVE-2024-39689, Severity: Low, Source: https://github.com/advisories/GHSA-248v-346w-9cwc
🩹 Fixed version: 2024.7.4
💥 Has public exploit
🧨 Has CISA KEV exploit
Check failure on line 1 in poetry.lock
wiz-inc-a28a8b7b4c / Wiz Vulnerability Scanner
grpcio:1.56.0
Detected Vulnerabilities:
CVE-2023-33953, Severity: High, Source: https://github.com/advisories/GHSA-496j-2rq6-j6cc
CVSS score: 7.5, CVSS exploitability score: 3.9
🩹 Fixed version: 1.56.2
💥 Has public exploit
🧨 Has CISA KEV exploit
Check failure on line 1 in poetry.lock
wiz-inc-a28a8b7b4c / Wiz Vulnerability Scanner
mlflow:2.15.1
Detected Vulnerabilities:
CVE-2024-37060, Severity: High, Source: https://nvd.nist.gov/vuln/detail/CVE-2024-37060
💥 Has public exploit
🧨 Has CISA KEV exploit
CVE-2024-37054, Severity: High, Source: https://nvd.nist.gov/vuln/detail/CVE-2024-37054
💥 Has public exploit
🧨 Has CISA KEV exploit
CVE-2024-37055, Severity: High, Source: https://nvd.nist.gov/vuln/detail/CVE-2024-37055
💥 Has public exploit
🧨 Has CISA KEV exploit
CVE-2024-37056, Severity: High, Source: https://nvd.nist.gov/vuln/detail/CVE-2024-37056
💥 Has public exploit
🧨 Has CISA KEV exploit
CVE-2024-37057, Severity: High, Source: https://nvd.nist.gov/vuln/detail/CVE-2024-37057
💥 Has public exploit
🧨 Has CISA KEV exploit
CVE-2024-37052, Severity: High, Source: https://nvd.nist.gov/vuln/detail/CVE-2024-37052
💥 Has public exploit
🧨 Has CISA KEV exploit
CVE-2024-37053, Severity: High, Source: https://nvd.nist.gov/vuln/detail/CVE-2024-37053
💥 Has public exploit
🧨 Has CISA KEV exploit
CVE-2024-1483, Severity: High, Source: https://nvd.nist.gov/vuln/detail/CVE-2024-1483
💥 Has public exploit
🧨 Has CISA KEV exploit
Check failure on line 1 in poetry.lock
wiz-inc-a28a8b7b4c / Wiz Vulnerability Scanner
starlette:0.27.0
Detected Vulnerabilities:
CVE-2024-24762, Severity: High, Source: https://github.com/advisories/GHSA-2jv5-9r88-3w3p
CVSS score: 7.5, CVSS exploitability score: 3.9
🩹 Fixed version: 0.36.2
💥 Has public exploit
🧨 Has CISA KEV exploit
Check warning on line 1 in poetry.lock
wiz-inc-a28a8b7b4c / Wiz Vulnerability Scanner
jinja2:3.1.2
Detected Vulnerabilities:
CVE-2024-22195, Severity: Medium, Source: https://github.com/advisories/GHSA-h5c8-rqwp-cp95
CVSS score: 6.1, CVSS exploitability score: 2.8
🩹 Fixed version: 3.1.3
💥 Has public exploit
🧨 Has CISA KEV exploit
CVE-2024-34064, Severity: Medium, Source: https://github.com/advisories/GHSA-h75v-3vvj-5mfj
🩹 Fixed version: 3.1.4
💥 Has public exploit
🧨 Has CISA KEV exploit
Check warning on line 1 in poetry.lock
wiz-inc-a28a8b7b4c / Wiz Vulnerability Scanner
urllib3:1.26.16
Detected Vulnerabilities:
CVE-2023-43804, Severity: Medium, Source: https://github.com/advisories/GHSA-v845-jxx5-vc9f
CVSS score: 8.1, CVSS exploitability score: 2.8
🩹 Fixed version: 1.26.17
💥 Has public exploit
🧨 Has CISA KEV exploit
CVE-2023-45803, Severity: Medium, Source: https://github.com/advisories/GHSA-g4mx-q9vg-27p4
CVSS score: 4.2, CVSS exploitability score: 0.5
🩹 Fixed version: 1.26.18
💥 Has public exploit
🧨 Has CISA KEV exploit
CVE-2024-37891, Severity: Medium, Source: https://github.com/advisories/GHSA-34jh-p97f-mpxf
🩹 Fixed version: 1.26.19
💥 Has public exploit
🧨 Has CISA KEV exploit
Check warning on line 1 in poetry.lock
wiz-inc-a28a8b7b4c / Wiz Vulnerability Scanner
ipython:7.34.0
Detected Vulnerabilities:
CVE-2023-24816, Severity: Medium, Source: https://github.com/advisories/GHSA-29gw-9793-fvw7
CVSS score: 7.0, CVSS exploitability score: 1.0
🩹 Fixed version: 8.10.0
💥 Has public exploit
🧨 Has CISA KEV exploit
Check warning on line 1 in poetry.lock
wiz-inc-a28a8b7b4c / Wiz Vulnerability Scanner
zipp:3.16.0
Detected Vulnerabilities:
CVE-2024-5569, Severity: Medium, Source: https://github.com/advisories/GHSA-jfmj-5v4g-7637
🩹 Fixed version: 3.19.1
💥 Has public exploit
🧨 Has CISA KEV exploit
Check warning on line 1 in poetry.lock
wiz-inc-a28a8b7b4c / Wiz Vulnerability Scanner
requests:2.31.0
Detected Vulnerabilities:
CVE-2024-35195, Severity: Medium, Source: https://github.com/advisories/GHSA-9wx4-h78v-vm56
🩹 Fixed version: 2.32.0
💥 Has public exploit
🧨 Has CISA KEV exploit
Check warning on line 1 in poetry.lock
wiz-inc-a28a8b7b4c / Wiz Vulnerability Scanner
tornado:6.3.2
Detected Vulnerabilities:
GHSA-qppv-j76h-2rpx, Severity: Medium, Source: https://github.com/advisories/GHSA-qppv-j76h-2rpx
🩹 Fixed version: 6.3.3
💥 Has public exploit
🧨 Has CISA KEV exploit
GHSA-w235-7p84-xx57, Severity: Medium, Source: https://github.com/advisories/GHSA-w235-7p84-xx57
CVSS score: 6.5
🩹 Fixed version: 6.4.1
💥 Has public exploit
🧨 Has CISA KEV exploit
GHSA-753j-mpmx-qq6g, Severity: Medium, Source: https://github.com/advisories/GHSA-753j-mpmx-qq6g
CVSS score: 5.3
🩹 Fixed version: 6.4.1
💥 Has public exploit
🧨 Has CISA KEV exploit
Check warning on line 1 in poetry.lock
wiz-inc-a28a8b7b4c / Wiz Vulnerability Scanner
pydantic:1.10.11
Detected Vulnerabilities:
CVE-2024-3772, Severity: Medium, Source: https://github.com/advisories/GHSA-mr82-8j83-vxmv
🩹 Fixed version: 1.10.13
💥 Has public exploit
🧨 Has CISA KEV exploit
Check warning on line 1 in poetry.lock
wiz-inc-a28a8b7b4c / Wiz Vulnerability Scanner
idna:3.4
Detected Vulnerabilities:
CVE-2024-3651, Severity: Medium, Source: https://github.com/advisories/GHSA-jjg7-2v4v-x38h
CVSS score: 7.5, CVSS exploitability score: 3.9
🩹 Fixed version: 3.7.0
💥 Has public exploit
🧨 Has CISA KEV exploit
Check warning on line 1 in poetry.lock
wiz-inc-a28a8b7b4c / Wiz Vulnerability Scanner
black:22.12.0
Detected Vulnerabilities:
CVE-2024-21503, Severity: Medium, Source: https://github.com/advisories/GHSA-fj7x-q9j7-g6q6
🩹 Fixed version: 24.3.0
💥 Has public exploit
🧨 Has CISA KEV exploit